From patchwork Sun Sep 26 10:37:00 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Adolf Belka X-Patchwork-Id: 4740 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4HHMf11Kwrz3xWd for ; Sun, 26 Sep 2021 10:37:13 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail02.haj.ipfire.org", Issuer "R3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4HHMf064pPz12q; Sun, 26 Sep 2021 10:37:12 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4HHMf058v2z2yl3; Sun, 26 Sep 2021 10:37:12 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4HHMdz1V84z2xmx for ; Sun, 26 Sep 2021 10:37:11 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4HHMdy5yd7zBQ; Sun, 26 Sep 2021 10:37:10 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1632652630; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=yR4rhTarFoXbS5C1GnwclkW9qgND1yAYbezx8v7jGQk=; b=AredYcfuzRATHg7iCdlHjDgZNWk3QnF7ytHAj3+2Be9vWFMlNKoXDTnbAlrI2zg3uZdd8+ WXDTL3qXb70RMRCg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1632652630; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=yR4rhTarFoXbS5C1GnwclkW9qgND1yAYbezx8v7jGQk=; b=PuBZLlxqdB93QNOvu6G11e87Lv6dKNF6J89ClfcFREaJWb0gFjiPFCVptr9BKZd8GfhfZf kOMy/xgS9SyLAYth4Wz75ChfegOlh0//Q+vUgtqC9byCD7ZbSJSSLyFC6uIXhNsUuJ5s9B 6ml9kZsWS3/FrcZyfFLalzB4wImPmpjA+6lhRBaDvQ0Db1NzltUJuF4xKeMjwc7TVr+foT xheC6bN6gJnz2JGSYBRtJ1fz4xRiNyAC9WsRVwE261iFu1mTjB1LN7Lvc+lNgo1FD/TT0E fy9nzMZri3R+2UZJypbLpkARSU6K6OphOYD/du1EfAl9fjtWt1kA2iV5FbZ9aA== From: Adolf Belka To: development@lists.ipfire.org Subject: [PATCH v2] libxcrypt: Update to version 4.4.26 Date: Sun, 26 Sep 2021 12:37:00 +0200 Message-Id: <20210926103700.2988-1-adolf.belka@ipfire.org> MIME-Version: 1.0 X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: IPFire development talk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: development-bounces@lists.ipfire.org Sender: "Development" - v2 version is to extend from 4.4.25 to 4.4.26 - Update from 4.4.23 to 4.4.26 - Update of rootfile not required - Changelog Version 4.4.26 * Fix compilation on systems with GCC >= 10, that do not support declarations with __attribute__((symver)). Version 4.4.25 * Add support for Python 3.11 in the configure script. * Stricter checking of invalid salt characters (issue #135). Hashed passphrases are always entirely printable ASCII, and do not contain any whitespace or the characters ':', ';', '*', '!', or '\'. (These characters are used as delimiters and special markers in the passwd(5) and shadow(5) files.) Version 4.4.24 * Add hash group for Debian in lib/hashes.conf. Debian has switched to use the yescrypt hashing algorithm as the default for new user passwords, so we should add a group for this distribution. * Overhaul the badsalt test. Test patterns are now mostly generated rather than manually coded into a big table. Not reading past the end of the “setting” part of the string is tested more thoroughly (this would have caught the sunmd5 $$ bug if it had been available at the time). Test logs are tidier. * Add ‘test-programs’ utility target to Makefile. It is sometimes useful to compile all the test programs but not run them. Add a Makefile target that does this. * Fix incorrect bcrypt-related ifdeffage in test/badsalt.c. The four variants of bcrypt are independently configurable, but the badsalt tests for them were all being toggled by INCLUDE_bcrypt, which is only the macro for the $2b$ variant. * Fix bigcrypt-related test cases in test/badsalt.c. The test spec was only correct when both or neither of bigcrypt and descrypt were enabled. * Detect ASan in configure and disable incompatible tests. ASan’s “interceptors” for crypt and crypt_r have a semantic conflict with libxcrypt, requiring a few tests to be disabled for builds with -fsanitize-address. See commentary in test/crypt-badargs.c for an explanation of the conflict, and the commentary in build-aux/zw_detect_asan.m4 for why a configure test is required. * Fix several issues found by Covscan in the testsuite. These include: - CWE-170: String not null terminated (STRING_NULL) - CWE-188: Reliance on integer endianness (INCOMPATIBLE_CAST) - CWE-190: Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN) - CWE-569: Wrong sizeof argument (SIZEOF_MISMATCH) - CWE-573: Missing varargs init or cleanup (VARARGS) - CWE-687: Argument cannot be negative (NEGATIVE_RETURNS) Signed-off-by: Adolf Belka Reviewed-by: Peter Müller --- lfs/libxcrypt | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lfs/libxcrypt b/lfs/libxcrypt index 16ebb1dc5..770b4249e 100644 --- a/lfs/libxcrypt +++ b/lfs/libxcrypt @@ -24,10 +24,10 @@ include Config -VER = 4.4.23 +VER = 4.4.26 THISAPP = libxcrypt-$(VER) -DL_FILE = $(THISAPP).tar.gz +DL_FILE = $(THISAPP).tar.xz DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) @@ -47,7 +47,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = 405116b5cc90b72216afccc54025afbc +$(DL_FILE)_MD5 = 34954869627f62f9992808b6cff0d0a9 install : $(TARGET)